Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Big things to do when deploying a rails app

In the question What little things do I need to do before deploying a rails application I am getting a lot of answers that are bigger than "little things". So this question is slighly different.

What reasonably major steps do I need to take before deploying a rails application. In this case, i mean things which are are going to take more than 5 mins, and so need to be scheduled. For small oneline config changes, please use the little things question.

like image 820
Laurie Young Avatar asked Sep 19 '08 11:09

Laurie Young


3 Answers

Set up Capistrano to deploy You'll want to learn capistrano if you don't already know it, and use it to deploy your code in an automated way. This will involve setting up your shared directory and shared resources like database.yml.

Install C Based MySQL gem If you don't have all the required libs, this can take a little while, but less than 20 minutes.

Make sure you aren't vulnerable to common web application attacks Session fixation, session hijacking, cross-site scripting, SQL injection (probably you don't have to worry much about SQL injection). Be sure you use h() when outputting user-entered data in a view screen. Lots of good material online about this.

Choose a server architecture Nginx, Mongrel, FastCGI, CGI, Apache, Passenger: there is a lot to choose from. Think about how your app will be used and decide on the best architecture, then set it up.

Set up Exception Notifier or Exception Logger You will want your app to warn you when it breaks. Set one of these tools up to track production exceptions. Note: Exception notifier will warn you when routing errors occur (i.e. when people fat-finger URLs or script kiddies attack you): so think about what you want the framework to do when that happens and adjust accordingly.

Make sure all of your passwords are out of source control If you have database.yml, mail.yml (if you use yaml_mail_config) or other sensitive files in source control, get them out of there, replace them with database.yml.example, and put them in the shared/ folder on your server.

Ensure that your DB is locked down. A lot of people forget to secure MySQL when setting up their new production Rails box. Don't be like them.

Make sure all of the little web-files are in place If you are planning to be listed in Google, generate a sitemap.xml file. If you are planning to use an .htaccess file for something, make sure it's there. If you need a robots.txt file to prevent certain areas of your site from being indexed, make one. If you want a good looking 404 Page, make sure it's set up correctly. If you want a "Be Right Back" page to be present when you deploy, make sure that you have a Capistrano maintenance file specified and Nginx or Apache knows how and when to redirect to it.

Get your SSL Certs in place If you are going to use SSL, make sure you get certificates that are valid on your production domain, and set them up.

like image 72
Pete Avatar answered Oct 22 '22 12:10

Pete


Use some process monitoring

Sometimes your processes (mongrels in many cases) will die or other bad things will happen to them. For example a memory leak could cause the memory consumption to increase indefinitely or a process could start using all your CPU.

monit and god are both good choices to save you from this fate. They can also be set to hit a url on your site to check for a 200 response code.

Set up server monitoring

Some suggestions in this space: fiveruns, newrelic, scout

These tools will record detailed metrics on your servers and are invaluable when something goes wrong and you need to see what actually happened. They also give you real time information on server load.

If you have a cluster this kind of reporting is even more critical.

Backup

Write a script to periodically backup your database and any other assets that your users can upload. S3 might be a good choice for this.

like image 34
mloughran Avatar answered Oct 22 '22 10:10

mloughran


Choose a web server / load balancer

My preferred server is nginx, but the common pattern is to start with apache + mod_proxy_http.

like image 22
Dave Cheney Avatar answered Oct 22 '22 12:10

Dave Cheney